Privacy Policy
Note: In case of discrepancy, the Japanese version prevails.
Last Updated: April 6, 2026
Article 1 (General)
1. This Privacy Policy (the âPolicyâ) sets forth how LostSOS Concierge (the âCompanyâ) handles personal information and other information of Users and other related persons in connection with the lost-item concierge service âRecovery Conciergeâ and related services incidental thereto.
2. This Policy applies to information obtained or used by the Company through its website, application forms, chat, email, telephone, and any other communication methods used by the Company.
3. If the Company separately indicates the handling of information in connection with individual services, application screens, FAQs, or otherwise, such indication shall supplement this Policy, and in the event of any inconsistency, such indication shall prevail.
Article 2 (Types of Personal Information and Other Information We Collect)
The Company collects the following information to the extent necessary for providing the Service:
1. Information collected directly from Users
(1) Contact information such as name, nickname, email address, phone number, preferred language, and other contact details
(2) Identifiers, display names, profile information, and other information ordinarily available on the chat or call channels selected by the User
(3) Case IDs, tokens, link codes, and other identifiers issued by the Company for Case management
(4) Information about the lost item, including item type, color, brand, features, photographs, identifying numbers, IMEI, serial number, and similar details
(5) Information about the loss circumstances, including date and time, railway line, station name, facility name, flight or service number, seat number, reservation name, route, and any other information necessary to identify the Case
(6) Chat, email, telephone, and other communication records, including timestamps, handling records, and delivered reports
(7) Information necessary for identity verification, confirmation of rightful authority, or fraud prevention, such as identification documents, selfies, proof of purchase, and letters of authorization, but only where the Company deems such information necessary
2. Information collected when Additional Services are used
If the User uses Additional Services such as recovery, proxy receipt, storage, shipping, return arrangements, or similar services provided on a separately quoted basis, the Company may collect shipping addresses, recipient information, delivery contact information, declared values, customs-related information, proof-of-authority materials, and other information necessary for those Additional Services.
3. Payment-related information
The Company may receive from payment processors information necessary for payment management, such as payment results, payment IDs, amounts paid, payment dates and times, currency, and refund status.
The Company does not, in principle, obtain or store the Userâs credit card number, security code, or other card details themselves.
4. Information obtained from third parties
The Company may obtain from railway companies, bus companies, taxi companies, hotels, facilities, police, shipping companies, and other Relevant Parties information necessary for Case handling, such as the characteristics of a found item, storage location, handover conditions, tracking number, response status, and transfer status.
5. Information automatically collected when the website is used
The Company may collect access logs, IP addresses, device information, browser information, browsing history, referrer data, cookies and other identifiers, advertising click identifiers, and information relating to usage.
Article 3 (Purpose of Use of Personal Information and Other Information)
The Company uses the information it collects for the following purposes:
1. To accept applications for the Service, assess suitability, manage Cases, communicate, manage progress, and verify identity
2. To prepare, update, and deliver the Deliverables for Recovery Concierge, including the Japanese Follow-up, Priority Plan, Contact Log, Live Updates, 90-Day Watch, and Next Steps Guide
3. To make inquiries to and communicate with Relevant Facilities, transportation operators, accommodation providers, police, and other Relevant Parties, and to organize their responses
4. To quote, arrange, ship, handle customs, confirm receipt, and otherwise perform Additional Services
5. To process billing, payments, refunds, accounting, fraud detection, chargeback handling, and other payment-related matters
6. To obtain, retain, and preserve records of consent to the Terms of Service, this Privacy Policy, and other important matters
7. To handle inquiries, improve quality, confirm response quality, prevent recurrence of issues, and provide support
8. To analyze website usage, improve the application flow, measure advertising effectiveness, analyze traffic sources, and improve the Service
9. To maintain systems, ensure security, prevent unauthorized use and impersonation, handle incidents, and manage logs
10. To comply with laws and regulations and to handle disputes, exercise rights, respond to authorities, and otherwise conduct legitimate business operations
Except where permitted by law or with the Userâs consent, the Company shall not use personal information or other information beyond the scope necessary to achieve the purposes set forth above.
Article 4 (Provision to Third Parties)
1. The Company shall not provide personal data to third parties except in the following cases:
(1) where the individual has given consent
(2) where required by law
(3) where necessary for the protection of life, body, or property and obtaining consent is difficult
(4) where otherwise permitted by law
2. For the purpose of providing the Service, the Company may provide information to Relevant Facilities, transportation operators, accommodation providers, police, shipping companies, and other Relevant Parties to the minimum extent necessary. Examples include:
(1) the features, type, brand, color, photographs, identifying numbers, and similar information of the lost item
(2) the date and time of loss, place of loss, route or travel segment, service number, seat number, reservation name, and similar information
(3) the Userâs name and other information necessary for inquiry or handover decisions by the relevant party
3. As a rule, the Company does not provide the Userâs email address, phone number, payment information, or other direct contact details to Relevant Parties for the purpose of facility inquiries.
However, this shall not apply where the User expressly requests such disclosure, where the relevant party requires such information for identity verification or direct contact and the User consents, or where required by law.
4. In connection with Additional Services, the Company may provide shipping addresses, recipient information, letters of authorization, identification documents, and other necessary information to shipping companies, receiving facilities, and other Relevant Parties.
5. Where required by law, the Company shall prepare and retain records relating to third-party provision.
Article 5 (Use of External Services)
1. The Company may use the following external services:
(1) Stripe
Purpose: payment processing, refund processing, fraud detection, chargeback handling, and other payment-related operations
Official information:
https://stripe.com/privacy
https://stripe.com/legal/privacy-center
(2) Google Analytics 4
Purpose: website analytics, usage analysis, and flow improvement
Official information:
https://policies.google.com/privacy?hl=ja
https://policies.google.com/technologies/partner-sites?hl=ja
(3) Google Tag Manager
Purpose: tag management, delivery management of measurement tags, and coordination with consent settings
Official information:
https://policies.google.com/privacy?hl=ja
https://support.google.com/tagmanager/answer/9323295?hl=en
(4) Google Ads
Purpose: ad delivery, conversion measurement, and ad effectiveness measurement
Official information:
https://policies.google.com/privacy?hl=ja
https://policies.google.com/technologies/partner-sites?hl=ja
(5) PayPal Pte. Ltd.
Purpose: payment processing, refund processing, fraud prevention, identity verification, chargeback and dispute handling, and other payment-related operations
Information that may be provided: name, email address, payment amount, currency, transaction ID, order ID, billing information, payment status, IP address, device information, and other information necessary for payment processing, fraud detection, identity verification, and dispute resolution
Country of location: Singapore (a third party located outside Japan under Article 28 of the Act on the Protection of Personal Information)
PayPal Pte. Ltd. handles the User's personal data in accordance with the PayPal Privacy Statement and applicable laws. For payment processing, risk management, fraud prevention, legal compliance, and identity verification, PayPal may share information with PayPal group companies, service providers, financial institutions, payment networks, and regulatory authorities, and may process personal information in countries or regions other than Singapore.
For information on the personal data protection regime in Singapore, please refer to the "Foreign Systems (Republic of Singapore)" published by the Personal Information Protection Commission of Japan.
Official information:
https://www.paypal.com/jp/legalhub/privacy-full
https://www.paypal.com/jp/legalhub/useragreement-full
2. If a User contacts the Company through external chat services such as WhatsApp, LINE, WeChat, or Kakao, the relevant service provider may process message content, identifiers, and other information in accordance with its own terms of use and privacy policy.
3. The Company may use AI, machine translation, or automation tools for multilingual support, summarization, drafting inquiry messages, Case organization, routing, and similar purposes.
The Company does not use Usersâ personal information for the purpose of training the Companyâs own models.
Even when external AI or similar tools are used, such use shall be limited to the extent necessary for the relevant purpose.
4. The Company may record or otherwise retain calls with Relevant Parties and other response records for quality control, after-the-fact verification, and preservation of evidence. Any such recording shall be conducted within the scope permitted by law, including, where applicable, the consent of one party to the call.
5. In addition to the foregoing, the Company may use cloud, hosting, email delivery, communications, and other external services to the extent necessary for providing the Service.
Article 6 (Cookies and Access Analytics)
1. The Company may use cookies, advertising identifiers, and similar technologies for the operation of the website, analysis of usage, measurement of advertising effectiveness, and other purposes set forth in Article 3.
2. Information obtained or used by the Company may include, for example, user counts, session statistics, approximate location data, browser information, device information, viewed pages, event information, cookie identifiers, and ad click identifiers.
3. Google Analytics 4 may use first-party cookies to distinguish Users and sessions on the website.
4. Users may restrict or disable the use of cookies through browser settings or methods provided by the relevant service providers.
However, if they do so, some functions of the website may not operate properly.
5. If the Company introduces a cookie banner, CMP, or other consent management tool, it shall operate in accordance with the choices made by Users through such tool.
Article 7 (Overseas Users and Provision to Third Parties Located Outside Japan)
1. Users of the Service may include persons residing outside Japan or using the Service from outside Japan.
2. The Company may provide personal data to external service providers, communications providers, cloud providers, and other third parties located outside Japan, or may outsource handling of such data to them.
3. Where personal data is provided to a third party located outside Japan and applicable law requires the Company to obtain consent or take other measures, the Company shall, in accordance with such law, provide in advance the name of the foreign country, information on the personal information protection system of that country, the protective measures taken by the recipient, and other information useful for the individualâs decision.
4. If a User selects a communication method provided by an overseas service provider, message content, identifiers, usage logs, and other information on that service may be stored or processed outside Japan.
5. This Privacy Policy is prepared on the basis of Japanese law. However, if the mandatory laws of the Userâs country of residence require additional protection, the Company shall endeavor to respect such protection to the extent applicable.
Article 8 (Management of Personal Information and Security Measures)
1. The Company shall implement necessary and appropriate security measures to prevent leakage, loss, damage, unauthorized access, and other risks relating to personal data.
2. The principal measures taken by the Company include the following:
(1) limiting access rights to personal data
(2) proper management of authentication credentials, two-factor authentication, and other authentication enhancement measures
(3) protection of communications and devices, malware countermeasures, and other technical controls
(4) limiting information handling to persons who need it for business purposes
(5) selecting, contracting with, and supervising contractors and external service providers
(6) deletion or anonymization after expiration of retention periods
(7) log management, incident response, and recurrence prevention measures
3. Where the handling of personal data is outsourced, the Company shall appropriately supervise the contractor according to the content of the work.
4. If any leakage or similar incident involving personal data occurs, the Company shall take necessary measures in accordance with law, including reporting to relevant authorities and notifying affected individuals where required.
Article 9 (Retention Period)
1. The Company shall retain the information it obtains only for the period necessary to achieve the purposes of use and shall delete or anonymize such information once it is no longer necessary.
2. The following are indicative retention periods:
(1) contact history, handling records, delivered reports, consent records, and other Case operation records: two years from completion of the Case
(2) identity documents, selfies, proof of purchase, letters of authorization, and other proof-of-authority materials: 90 days from completion of the Case
(3) call recordings: 90 days from the date recorded
(4) access logs, cookie-related information, analytics data, and ad measurement data: for periods corresponding to tool settings, operational necessity, and the relevant purpose of use
(5) records relating to payments, billing, refunds, tax, accounting, chargebacks, and other matters that must be retained by law or contract: for the period required by such law or contract
3. Notwithstanding the preceding paragraph, the Company may retain information for a longer period where necessary for legal compliance, dispute handling, prevention of unauthorized use, audit response, or other legitimate reasons.
Article 10 (User Rights)
1. In accordance with applicable law, a User may request the following with respect to their retained personal data held by the Company:
(1) notification of the purpose of use
(2) disclosure
(3) correction, addition, or deletion
(4) suspension of use, erasure, or suspension of third-party provision
(5) disclosure of records of third-party provision
2. A User wishing to make any request under the preceding paragraph shall contact the inquiry desk set forth in Article 11.
3. The Company may request additional materials or information within a reasonable scope for identity verification.
4. The Company may decline all or part of a request if it is not legally required to comply, if doing so may harm the rights or interests of the individual or a third party, if it would substantially interfere with proper business operations, or if otherwise permitted by law.
5. In principle, no fee shall be charged.
However, if a request requires paper issuance, postal delivery, or other actual costs, the Company may request reimbursement of such reasonable actual costs.
Article 11 (Contact Desk for Personal Information Matters)
For inquiries regarding this Privacy Policy, the handling of personal information, requests for disclosure, complaints, consultations, or any other related matter, please contact: Business Name: LostSOS Concierge Address: ã104-0061 æ±äº¬éœäžå€®åºé座1äžç®12çª4å· N&E BLD.6F Phone Number: 080-8410-9827 Email Address: support@lost-sos.com
Article 12 (Amendments to this Policy)
1. The Company may amend this Privacy Policy where there is a change in law, a change in the content of the Service, operational necessity, or any other reasonable ground.
2. If the Company amends this Privacy Policy, it shall notify Users of the amended content and effective date on its website or by any other appropriate means.
3. If there is any material change, the Company may provide additional notice or obtain additional consent as necessary.
Article 13 (Supplementary Provision)
This Privacy Policy shall take effect on April 6, 2026.